UA EN RU
All topics
Topics
UA EN RU
Last news
Verification of IDPs in Ukraine: Ministry of Development proposed two possible paths today, 13:50
Ukraine will provide allies with a list of objects that Russia must not hit, - Zelensky today, 13:25
Diversification of Imports: Ukraine to Receive Additional Volumes of American Gas today, 12:35
Zelensky announced a conversation with Trump and responded to Putin's demand today, 12:10
In Ukraine, there are 460 temporarily occupied communities - minister today, 11:45
Bordering EU countries firmly oppose the return of Russian energy resources - Media today, 11:20
Ursula von der Leyen called for collective arms purchases by 2030 today, 10:55
France modernizes nuclear deterrence: new Rafale with hypersonic missiles by 2035 today, 10:30
Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger today, 10:05
Strategic Cooperation: Neyizhpapa Discussed Maritime Security with the Leadership of IMO today, 09:40
Life After Sanctions: How Russia Promotes Arctic Gas on the Global Market today, 09:15
US Court Rules on USAID Operations today, 08:50
Russian troops from the Kursk region are being pulled to the border with Sumy region - Joint Forces Operation 'Siversk' today, 08:25
The US has released previously secret documents about the assassination of John Kennedy today, 08:00
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

today, 10:05 175
Shostal Oleksandr
Journalist Shostal Oleksandr
today, 10:05 175
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Verification of IDPs in Ukraine: two paths
Verification of IDPs in Ukraine: Ministry of Development proposed two possible paths
today, 13:50 8
The list of objects that Russia must not hit will be provided to our allies
Ukraine will provide allies with a list of objects that Russia must not hit, - Zelensky
today, 13:25 9
Additional volumes of American gas to Ukraine
Diversification of Imports: Ukraine to Receive Additional Volumes of American Gas
today, 12:35 136
Zelensky and Trump are having a conversation
Zelensky announced a conversation with Trump and responded to Putin's demand
today, 12:10 134
Up to 6 words: 460 communities temporarily occupied
In Ukraine, there are 460 temporarily occupied communities - minister
today, 11:45 150
Bordering EU countries do not agree to the return of Russian energy resources
Bordering EU countries firmly oppose the return of Russian energy resources - Media
today, 11:20 136

Advertising